package com.social.config.realm;

import com.social.pojo.Permission;
import com.social.pojo.Role;
import com.social.pojo.User;
import com.social.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;

/**
 * 认证与授权
 */
public class MyRealm extends AuthorizingRealm {
    /**
     * User 业务层对象
     */
    @Autowired
    private UserService userService;


    /**
     * 授权
     *
     * @param principalCollection 身份集合
     * @return 用户角色与权限信息
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //获取主身份信息
        String primaryPrincipal = (String) principalCollection.getPrimaryPrincipal();
        //根据用户名查询角色和权限
        User user = userService.selectByUsername(primaryPrincipal);
        //角色集合
        ArrayList<String> roleList = new ArrayList<>();
        //权限集合
        ArrayList<String> PermissionList = new ArrayList<>();
        //获取所有角色
        ArrayList<Role> roles = user.getRoles();
        //遍历所有角色
        for (Role role : roles) {
            //获取角色名称
            String role_name = role.getRoleName();
            //将角色放入角色集合
            roleList.add(role_name);
            //获取权限集合
            ArrayList<Permission> permissions = role.getPermissions();
            for (Permission permission : permissions) {
                //获取权限名称
                String authority_name = permission.getPermissionName();
                //将权限放入权限集合
                PermissionList.add(authority_name);
            }
        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //添加角色
        simpleAuthorizationInfo.addRoles(roleList);
        //添加权限
        simpleAuthorizationInfo.addStringPermissions(PermissionList);
        return simpleAuthorizationInfo;
    }


    /**
     * 认证
     *
     * @param authenticationToken 用户提交的信息
     * @return 用户信息
     * @throws AuthenticationException 用户提交的信息不正确
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //身份信息
        String username = (String) authenticationToken.getPrincipal();
        //数据库查询数据
        User user = userService.selectByUsername(username);
        AuthenticationInfo info = null;
        try {
            //封装数据
            info = new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), this.getName());
        } catch (Exception e) {
            System.out.println("账户不存在");
        }
        return info;
    }
}
